Lexmark Markvision Enterprise Remote Command Execution
Critical Nessus Plugin ID 66328
Synopsis
The remote web server has a web application that is affected by a remote command execution vulnerability.
Description
The version of Lexmark Markvision installed on the remote host is earlier than 1.8.0 and is installed with a Groovy Shell (intended for diagnostic purposes) that binds to TCP port 9789. This could allow an unauthenticated, remote attacker to execute commands.
Note that this plugin does not verify that the Groovy Shell is listening; it only performs a version check of the Lexmark Markvision install.
Solution
Upgrade to Lexmark Markvision 1.8.0 or later.
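
Because the plugin only compares versions, a finding is worth pairing with a check that the diagnostic port is actually reachable on your own hosts. The following is an added example, not part of the plugin or of Lexmark's software; the function names, status labels and the sample version strings are assumptions made for illustration, while the port (9789) and fixed version (1.8.0) come from the description above.

```python
import socket

FIXED_VERSION = (1, 8, 0)   # first fixed release, per the advisory
GROOVY_SHELL_PORT = 9789    # diagnostic Groovy Shell port, per the advisory


def parse_version(text):
    """Turn a dotted version such as '1.7.1' into a comparable tuple.

    Short versions are padded with zeros, so '1.8' compares equal to 1.8.0.
    """
    parts = [int(p) for p in text.strip().split(".")]
    parts += [0] * (3 - len(parts))
    return tuple(parts)


def port_is_listening(host, port=GROOVY_SHELL_PORT, timeout=2.0):
    """Return True if a TCP connection to host:port succeeds.

    This only proves reachability from where the check runs; a host
    firewall or network ACL can hide a listener that is still bound.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def triage(host, installed_version, port=GROOVY_SHELL_PORT):
    """Combine the version check with a listener check (hypothetical labels)."""
    affected = parse_version(installed_version) < FIXED_VERSION
    listening = port_is_listening(host, port)
    if affected and listening:
        return "exposed"          # affected version and the port answers
    if affected:
        return "upgrade-needed"   # affected version, port not reachable from here
    if listening:
        return "investigate"      # fixed version, but an unidentified service answers
    return "ok"


if __name__ == "__main__":
    # Constructed sample input: replace with a host and version from your inventory.
    print(triage("127.0.0.1", "1.7.1"))
```

A result of "upgrade-needed" still requires the upgrade; it only indicates that the port was not reachable from the machine running the check.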